CVE-2020-7539

EPSS 0.32%
Published 11.12.2020 01:15:12
Last modified 21.11.2024 05:37:20
Source cybersecurity@se.com
Teams watchlist Login
Open Login

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Schneider-electric ≫ Modicon M340 Bmxp341000 Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp341000 Version-

Schneider-electric ≫ Modicon M340 Bmxp342000 Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp342000 Version-

Schneider-electric ≫ Modicon M340 Bmxp3420102 Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp3420102 Version-

Schneider-electric ≫ Modicon M340 Bmxp3420102cl Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp3420102cl Version-

Schneider-electric ≫ Modicon M340 Bmxp342020 Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp342020 Version-

Schneider-electric ≫ Modicon M340 Bmxp3420302 Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp3420302 Version-

Schneider-electric ≫ Modicon M340 Bmxp3420302cl Firmware Version < 3.30

Schneider-electric ≫ Modicon M340 Bmxp3420302cl Version-

Schneider-electric ≫ Bmxnoe0100 Firmware Version < 3.3

Schneider-electric ≫ Bmxnoe0100 Version-

Schneider-electric ≫ Bmxnoe0110 Firmware Version < 6.5

Schneider-electric ≫ Bmxnoe0110 Version-

Schneider-electric ≫ Bmxnoc0401 Firmware Version < 2.10

Schneider-electric ≫ Bmxnoc0401 Version-

Schneider-electric ≫ Tsxp574634 Firmware Version < 6.1

Schneider-electric ≫ Tsxp574634 Version-

Schneider-electric ≫ Tsxp575634 Firmware Version < 6.1

Schneider-electric ≫ Tsxp575634 Version-

Schneider-electric ≫ Tsxp576634 Firmware Version < 6.1

Schneider-electric ≫ Tsxp576634 Version-

Schneider-electric ≫ Tsxety4103 Firmware Version < 6.2

Schneider-electric ≫ Tsxety4103 Version-

Schneider-electric ≫ Tsxety5103 Firmware Version < 6.4

Schneider-electric ≫ Tsxety5103 Version-

Schneider-electric ≫ 140cpu65150 Firmware Version < 6.1

Schneider-electric ≫ 140cpu65150 Version-

Schneider-electric ≫ 140noe77111 Firmware Version < 7.1

Schneider-electric ≫ 140noe77111 Version-

Schneider-electric ≫ 140noc78100 Firmware Version < 1.74

Schneider-electric ≫ 140noc78100 Version-

Schneider-electric ≫ 140noc78000 Firmware Version < 1.74

Schneider-electric ≫ 140noc78000 Version-

Schneider-electric ≫ 140noc77101 Firmware Version < 1.08

Schneider-electric ≫ 140noc77101 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.32%	0.517

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://www.se.com/ww/en/download/document/SEVD-2020-343-03/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-7539

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-7539

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-7539

EUVD